cancel
Showing results for 
Search instead for 
Did you mean: 

Magento Security Patch (SUPEE-6482) Release Note Correction

Magento Security Patch (SUPEE-6482) Release Note Correction

Yesterday, Magento released a new security patch for Community Edition and Enterprise Edition (SUPEE-6482). In our release note and announcement, we incorrectly stated that the patch addresses 4 issues with both products. Instead, the patch addresses 2 issues with Community Edition and 4 issues with Enterprise Edition.

 

Version:

Issues Addressed with Patch:

Magento Community Edition

Autoloaded File Inclusion in Magento SOAP API

SSRF Vulnerability in WSDL File

Magento Enterprise Edition

Autoloaded File Inclusion in Magento SOAP API

SSRF Vulnerability in WSDL File

Cross-site Scripting Using Unvalidated Headers

XSS in Gift Registry Search

 

We have corrected our release note and apologize for any confusion this may have created. The patch and Community Edition 1.9.2.1 are fully tested, complete and ready for you to deploy. We strongly encourage you to implement the patch or upgrade to the new version as soon as possible.

 

As a reminder, you can access the patch in following ways:

  • Partners: Go to the Partner Portal, select Technical Resources and then select Download from the Enterprise Edition panel. Next, navigate to Magento Enterprise Edition > Patches & Support and look for the folder titled “Security Patches – August 2015.”
  • Enterprise Edition Merchants: Go to My Account, select the Downloads tab, and then navigate to Magento Enterprise Edition > Support Patches. Look for the folder titled “Security Patches – August 2015.” Merchants can also upgrade to Enterprise Edition 1.14.2.1 and receive the security update as part of the core code starting August 6.
  • Community Edition Merchants: Go to the Community Edition download page and look for SUPEE-6482. Merchants can also upgrade to Community Edition 1.9.2.1 and receive the security update as part of the core code.

 

Once again, we apologize for the confusion this has created. We are reviewing our internal processes to ensure that we do not repeat this error in the future.

--

Community Manager, Magento
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical